package cn.bonoon.controllers.user;

import javax.servlet.http.HttpServletRequest;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;

import cn.bonoon.core.plugins.AccountService;
import cn.bonoon.kernel.security.LogonUser;
import cn.bonoon.kernel.web.controllers.AbstractController;
import cn.bonoon.kernel.web.models.DialogModel;
import cn.bonoon.kernel.web.models.FormModel;
import cn.bonoon.kernel.web.models.JsonResult;
import cn.bonoon.kernel.web.models.StandardModel;
import cn.bonoon.util.RSAManager;

@Controller
@RequestMapping("/s/user/change")
public class ChangePasswordController extends AbstractController {
	private AccountService accountService;

	@Value("${user.password.pattern}")
	private String pattern;
	@Value("${user.password.pattern.exception}")
	private String patternException;
	private String sumbitUrl;

	@Autowired
	public ChangePasswordController(AccountService accountService) {
		this.accountService = accountService;
	}
	@Override
	public void afterPropertiesSet() throws Exception {
		super.afterPropertiesSet();
		this.sumbitUrl = toUrl("/u/user/change/submit.b");
	}

	@RequestMapping(value = "pwd.b", method = { RequestMethod.POST, RequestMethod.GET })
	public final ModelAndView get(HttpServletRequest request) {
		StandardModel mv;
		if ("d".equals(request.getParameter("t"))) {
			DialogModel di = new DialogModel("pwd-editor", request);
			di.setMaster("layout-dialog-simple.vm");
			di.setTitle("修改密码");//.button("提交", sumbitUrl);
			di.addObject("isDialog", true);
			mv = di;
		} else {
			FormModel fm = new FormModel(null, request);
			fm.setMaster("frame-form.vm");
			fm.button("提交", sumbitUrl);
			mv = fm;
		}
		return _execute(mv);
	}
	//
	// @RequestMapping(value = "pwd/forced.b", method = RequestMethod.POST)
	// public final ModelAndView forced(HttpServletRequest request) {
	// DialogModel di = new DialogModel(null, request);
	// di.setClosable(false);
	// di.setCloseButton(false);
	// di.setTitle("系统要求强制修改密码");
	// di.button("提交", toUrl("/u/user/change/submit.b"));
	// return _execute(di);
	// }
	//
	private StandardModel _execute(StandardModel model) {
		model.addObject("name", getUser().getDisplayName());
		model.addObject("pattern", pattern);
		model.addObject("patternException", patternException);

		model.addObject("modulus", RSAManager.rsaManager.getModulus());
		model.addObject("exponent", RSAManager.rsaManager.getExponent());
		
		return model.execute("change-pwd");
	}

	@ResponseBody
	@RequestMapping(value = "submit.b", method = RequestMethod.POST)
	public JsonResult save(String oldPwd, String newPwd, String cfPwd) {
		try {
			LogonUser user = getUser();
			if (null == user) throw new Exception("当前用户没有登录,无法修改密码!");

			oldPwd = RSAManager.rsaManager.decryptJSString(oldPwd);
			newPwd = RSAManager.rsaManager.decryptJSString(newPwd);
			cfPwd = RSAManager.rsaManager.decryptJSString(cfPwd);
	        
			accountService.modify(user.getId(), oldPwd, newPwd, cfPwd);
			user.changePwd();
			return JsonResult.result();
		} catch (Throwable t) {
			return JsonResult.result(t);
		}
	}
}
